package com.github.shiqiyue.app.api.sapi.controller.sys;

import com.github.shiqiyue.app.common.result.Result;
import com.github.shiqiyue.app.common.utils.JsonUtils;
import com.github.shiqiyue.app.modules.sys.entity.UserPermission;
import com.github.shiqiyue.app.modules.sys.service.IUserPermissionService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.List;

/***
 * 用户-权限控制器
 * @author wenyao.wu
 * @date 2018/10/17
 */
@Slf4j
@Api(tags = "用户-权限")
@RestController
@RequestMapping("sapi/sys/user-permission")
public class SApiUserPermissionController {


    @Autowired
    private IUserPermissionService userPermissionService;

    /***
     * 获取用户拥有的所有用户权限
     * @param userId
     * @return
     */
    @PreAuthorize("hasAuthority('0010104')")
    @ApiOperation("获取用户拥有的所有用户权限")
    @PostMapping("search/user-id/{userId}")
    public Result<List<UserPermission>> findByUserId(@PathVariable("userId") Long userId) {
        List<UserPermission> userPermissionList = userPermissionService.findByUserId(userId);
        return Result.success(userPermissionList);
    }

    /***
     * 保存用户拥有的用户权限
     * @param userId
     * @param userPermissionListJson
     * @return
     */
    @PreAuthorize("hasAuthority('0010104')")
    @ApiOperation("保存用户拥有的用户权限")
    @PostMapping("save")
    public Result save(Long userId, String userPermissionListJson) {
        List<UserPermission> userPermissionList = JsonUtils.stringToBeanList(userPermissionListJson, UserPermission.class);
        userPermissionService.updateByUserId(userId, userPermissionList);
        return Result.success();
    }

}
